隐私保护视角下的个人健康数据监管研究

A Study on the Supervision of Personal Health Data from the Perspective of Privacy Protection

大数据技术带来个人健康信息的数据化,个人健康数据化在提高医疗效率和增进社会福利的同时也增加了个人隐私信息泄露的风险。世界各国都极为重视对个人健康数据处理行为的监管。欧盟推出以GDPR为代表的集中监管模式,通过严格规制数据处理行为来保护个人数据权利;美国采取以HIPAA为中心的多重监管模式,鼓励企业通过隐私设计来实现隐私信息保护。中国采取了硬法与软法相结合的综合监管模式,这种模式虽然有效推进了数字经济发展和健康中国建设,但仍存在法律监管的真空地带和平台监管的乏力状态。未来我国应在法律监管中叠加技术治理,促进并规范互联网医疗健康平台的自我规制,加快出台政府数据开放隐私影响评估政策,探索“自我规制+政府规制”的合作规制模式。

Personal health information goes through datafication in the age of big data.It has been demonstrated that the big data analysis of patient information can boost treatment effectiveness,and the analysis of population health can facilitate social welfare promotion.However,the technology increases the risk of disclosing personal health information without consent.In fact,the management of personal health information has become the primary target for governments around the world.European Union initiated the General Data Protection Regulation(GDPR)in 2016,which is a centralized management method to protect personal data,including personal health information.U.S.government,under the federal law of the Health Insurance Portability and Accountability Act of 1996(HIPAA),creates intersectional management by involving companies in designing privacy protection and requiring them to follow the HIPAA Privacy Rule.In General,China takes a comprehensive measure of combining both social norms and relevant laws to protect personal health data.While this management is beneficial to the digital economy development and in line with Healthy China 2030,it cannot legally explain and address privacy violation problems due to a lack of detailed information.Besides,the efficiency of current management platform is not ideal.It is suggested in this paper that in the future,China should integrate the high-technology management into the current law supervision model,develop and standardize the self-regulated internet medical platforms,accelerate the introduction of monitoring and evaluation of governmental open-source data,and explore the“personal-and-governmental regulating”cooperation.